
Merge pull request #1584 from dwatrous/patch-1

Add HAProxy deploy implementation and documentation
neil 7 years ago
commit
39ba697e19
2 changed files with 54 additions and 2 deletions
  1. 20 0
      deploy/README.md
  2. 34 2
      deploy/haproxy.sh

+ 20 - 0
deploy/README.md

@@ -255,3 +255,23 @@ acme.sh --deploy -d fritzbox.example.com --deploy-hook fritzbox
 ```sh
 acme.sh --deploy -d ftp.example.com --deploy-hook strongswan
 ```
+
+## 10. Deploy the cert to HAProxy
+
+You must specify the path where you want the concatenated key and certificate chain written.
+```sh
+export DEPLOY_HAPROXY_PEM_PATH=/etc/haproxy
+```
+
+You may optionally define the command to reload HAProxy. The value shown below will be used as the default if you don't set this environment variable.
+
+```sh
+export DEPLOY_HAPROXY_RELOAD="/usr/sbin/service haproxy restart"
+```
+
+You can then deploy the certificate as follows
+```sh
+acme.sh --deploy -d haproxy.example.com --deploy-hook haproxy
+```
+
+The path for the PEM file will be stored with the domain configuration and will be available when renewing, so that deploy will happen automatically when renewed.

+ 34 - 2
deploy/haproxy.sh

@@ -20,7 +20,39 @@ haproxy_deploy() {
   _debug _cca "$_cca"
   _debug _cfullchain "$_cfullchain"
 
-  _err "deploy cert to haproxy server, Not implemented yet"
-  return 1
+  # handle reload preference
+  DEFAULT_HAPROXY_RELOAD="/usr/sbin/service haproxy restart"
+  if [ -z "${DEPLOY_HAPROXY_RELOAD}" ]; then
+    _reload="${DEFAULT_HAPROXY_RELOAD}"
+    _cleardomainconf DEPLOY_HAPROXY_RELOAD
+  else
+    _reload="${DEPLOY_HAPROXY_RELOAD}"
+    _savedomainconf DEPLOY_HAPROXY_RELOAD "$DEPLOY_HAPROXY_RELOAD"
+  fi
+  _savedomainconf DEPLOY_HAPROXY_PEM_PATH "$DEPLOY_HAPROXY_PEM_PATH"
+
+  # work out the path where the PEM file should go
+  _pem_path="${DEPLOY_HAPROXY_PEM_PATH}"
+  if [ -z "$_pem_path" ]; then
+    _err "Path to save PEM file not found. Please define DEPLOY_HAPROXY_PEM_PATH."
+    return 1
+  fi
+  _pem_full_path="$_pem_path/$_cdomain.pem"
+  _info "Full path to PEM $_pem_full_path"
+
+  # combine the key and fullchain into a single pem and install
+  cat "$_cfullchain" "$_ckey" >"$_pem_full_path"
+  chmod 600 "$_pem_full_path"
+  _info "Certificate successfully deployed"
+
+  # restart HAProxy
+  _info "Run reload: $_reload"
+  if eval "$_reload"; then
+    _info "Reload success!"
+    return 0
+  else
+    _err "Reload error"
+    return 1
+  fi
 
 }
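Review bot: The combined PEM, which contains the private key, is written by `cat "$_cfullchain" "$_ckey" >"$_pem_full_path"` before `chmod 600` runs, so a newly created file gets the process umask (and an existing file keeps its old mode) while the key is already in it. The exit status of `cat` is also not checked, so "Certificate successfully deployed" is logged and the reload runs even if the write failed or left a truncated file. I would create or truncate the file under `umask 077`, tighten its mode first, and only then write the key material, returning 1 on any failure, as sketched below. Separately, `_savedomainconf DEPLOY_HAPROXY_PEM_PATH` is called before the empty-value check, so an empty path is persisted before the function bails out; moving the save after the check would avoid that. The body of `haproxy_deploy` starts above this hunk, so how `_ckey` and `_cfullchain` are set is not visible here.

```shell
  # combine the key and fullchain into a single pem and install
  # create/tighten the file before any key material is written to it
  if ! (umask 077 && : >"$_pem_full_path" && chmod 600 "$_pem_full_path"); then
    _err "Could not prepare $_pem_full_path"
    return 1
  fi
  if ! cat "$_cfullchain" "$_ckey" >"$_pem_full_path"; then
    _err "Could not write $_pem_full_path"
    return 1
  fi
  _info "Certificate successfully deployed"
  # … unchanged: reload via $_reload …
```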